He makes a point (after a good technical explanation as to how the NSA works in the email spying business) which I have always thought pretty obvious:
I was also interested to read of this pretty clever way of passing information without sending an email:Sure, people could make the argument that this could be the slippery slope to some sort of effort by the government to monitor your porn subscriptions, but . . . really? The N.S.A. is downloading petabytes of data every day with so many anonymizers and protections in place, it is incomprehensible to imagine (and illegal and technologically problematic) that someone would just somehow start surfing through private records. To me, the slippery-slope argument makes as much sense as the N.R.A.’s position that, if we use background checks to keep guns out of the hands of criminals, the United States is on the way to the seizure of weapons. And they make the same silly argument—they think that the government invades their privacy by running those checks.
Sometime after 9/11, al-Qaeda members figured out that a great way to transmit information over the Internet was by not transmitting it at all. Instead, a terrorist would open an account with a free service like Hotmail or Google, write an e-mail, and rather than sending it or even writing in the address of a recipient, would store it in a “draft” folder. Then, through other means such as a satellite phone or another e-mail account, a coded message would be sent to the planned recipient telling him the account name and the password. The recipient would know to open the account, check the draft file, and then delete the account. Once the N.S.A. knew through other means of the existence of the message, it would gain access to the temporary account through a court-issued subpoena to the company, read the secret message, and watch what happened. By 2010, though, the terrorists figured out this wasn’t working anymore and changed tactics.